Sample IaC diff JSON output
```json
{
"id": "fb0e9a92-de34-43f9-b779-17d25e99ab35",
"iac_engine_version": "1.15.0",
"type": "diff_scan",
"entities_with_incidents": {
"unchanged": [
{
"filename": "s3.tf",
"incidents": [
{
"policy": "Allowing public exposure of a S3 bucket can lead to data leakage",
"policy_id": "GG_IAC_0055",
"line_end": 118,
"line_start": 96,
"description": "AWS S3 Block Public Access is a feature that allows setting up centralized controls\\nto manage public access to S3 resources.\\n\\nEnforcing the BlockPublicAcls, BlockPublicPolicy and IgnorePublicAcls rule on a bucket\\nallows to make sure that no ACL (Access control list) or policy giving public access\\ncan be associated with the bucket, and that existing ACL giving public access to\\nthe bucket will not be taken into account.",
"documentation_url": "<https://docs.gitguardian.com/iac-scanning/policies/GG_IAC_0055>",
"component": "aws_s3_bucket.operations",
"severity": "HIGH"
}
],
"total_incidents": 1
}
],
"deleted": [
{
"filename": "s3.tf",
"incidents": [
{
"policy": "Allowing public exposure of a S3 bucket can lead to data leakage",
"policy_id": "GG_IAC_0055",
"line_end": 118,
"line_start": 96,
"description": "AWS S3 Block Public Access is a feature that allows setting up centralized controls\\nto manage public access to S3 resources.\\n\\nEnforcing the BlockPublicAcls, BlockPublicPolicy and IgnorePublicAcls rule on a bucket\\nallows to make sure that no ACL (Access control list) or policy giving public access\\ncan be associated with the bucket, and that existing ACL giving public access to\\nthe bucket will not be taken into account.",
"documentation_url": "<https://docs.gitguardian.com/iac-scanning/policies/GG_IAC_0055>",
"component": "aws_s3_bucket.operations",
"severity": "HIGH",
}
],
"total_incidents": 1
}
],
"new": [
{
"filename": "s3.tf",
"incidents": [
{
"policy": "Allowing public exposure of a S3 bucket can lead to data leakage",
"policy_id": "GG_IAC_0055",
"line_end": 118,
"line_start": 96,
"description": "AWS S3 Block Public Access is a feature that allows setting up centralized controls\\nto manage public access to S3 resources.\\n\\nEnforcing the BlockPublicAcls, BlockPublicPolicy and IgnorePublicAcls rule on a bucket\\nallows to make sure that no ACL (Access control list) or policy giving public access\\ncan be associated with the bucket, and that existing ACL giving public access to\\nthe bucket will not be taken into account.",
"documentation_url": "<https://docs.gitguardian.com/iac-scanning/policies/GG_IAC_0055>",
"component": "aws_s3_bucket.operations",
"severity": "HIGH"
}
],
"total_incidents": 1
}
]
}
}
```